I encrypted the web.config
file using following code
protected void Page_Load(object sender, EventArgs e)
{
EncriptSection("connectionStrings", "DataProtectionConfigurationProvider");
}
private void EncriptSection(string sectionName, string provider)
{
Configuration config =
WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && !section.SectionInformation.IsProtected)
{
section.SectionInformation.ProtectSection(provider);
config.Save();
}
}
after encryption web.config file,Site is running good in local system but when i publish my site and deployed into server.
Pages are not reading the web.config
file and giving error.When I decrypt the file and then publish the site into server site is running good on server.
How can i encrypt the file and run it into server.
Below is the error which i am getting now :
Runtime Error
Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine.
Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors>
tag within a web.config
configuration file located in the root directory of the current web application. This <customErrors>
tag should then have its mode
attribute set to Off
.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="Off"/>
</system.web>
</configuration>
Notes: The current error page you are seeing can be replaced by a custom error page by modifying the defaultRedirect
attribute of the application's <customErrors>
configuration tag to point to a custom error page URL.
<!-- Web.Config Configuration File -->
<configuration>
<system.web>
<customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/>
</system.web>
</configuration>
****AFTER WHEN I PUT**
<customErrors mode="Off"/>
**in configuartion then get following error****
Parser Error Message: Failed to decrypt using provider 'DataProtectionConfigurationProvider'. Error message from the provider: Key not valid for use in specified state. (Exception from HRESULT: 0x8009000B)
Source Error:
Line 13: </system.web>
Line 14: <connectionStrings
configProtectionProvider="DataProtectionConfigurationProvider">
Line 15: <EncryptedData>
Line 16: <CipherData>
Line 17: <CipherValue>reertertertreterterterterterterterte
rtertertertertert5345345345 </CipherValue>
Source File: C:\FOLDER\web.config Line: 15
You need to publish your application with the web.config sections decrypted because the key that is used to encrypt/decrypt is machine specific.
To encrypt the web.config sections online call the ProtectSection()
method in Application_Start()
of global.asax
.
So ProtectSection()
method will do this the first time the application starts.
User contributions licensed under CC BY-SA 3.0